Privacy

DATA CONTROLLER

Longino & Cardenal Spa Via A. Moroni 8 20005 Pogliano Milanese MI VAT number 10994990157 Tax code 00865830111, telephone number +39 029396851

Email address of the Data Controller: info@longino.it,

TYPES OF DATA COLLECTED

Among the Personal Data collected by this Website, either independently or through third parties, there are: Cookies, Usage Data, name, email address, city, date of birth, gender, VAT number, profession, address, fax number, country, state, province, postal code, various types of data, tax code, sector of activity, user ID, number of employees, website, unique device identifiers for advertising (Google Advertiser ID or IDFA identifier, for example), username, and geographical location.

Complete details on each type of data collected are provided in the dedicated sections of this privacy policy or through specific information texts displayed before the data is collected. Personal Data may be freely provided by the User or, in the case of Usage Data, collected automatically during the use of this Website. Unless otherwise specified, all Data requested by this Website is mandatory. If the User refuses to communicate them, it may be impossible for this Website to provide the Service. In cases where this Website indicates certain Data as optional, Users are free to refrain from communicating such Data, without this having any consequence on the availability of the Service or its operation. Users who have doubts about which Data is mandatory are encouraged to contact the Data Controller. Any use of Cookies – or other tracking tools – by this Website or by the owners of third-party services used by this Website, unless otherwise specified, is for the purpose of providing the Service requested by the User, in addition to the further purposes described in this document and in the Cookie Policy, if available.

The User assumes responsibility for the Personal Data of third parties obtained, published, or shared through this Website and guarantees that they have the right to communicate or disseminate it, freeing the Data Controller from any liability to third parties.


METHOD AND LOCATION OF DATA PROCESSING

Processing methods

The Data Controller takes appropriate security measures to prevent unauthorized access, disclosure, modification, or destruction of Personal Data. Processing is carried out using IT and/or telematic tools, with organizational methods and logic strictly related to the purposes indicated. In addition to the Data Controller, in some cases, other parties involved in the organization of this Website (administrative, commercial, marketing, legal, system administrators) or external parties (such as third-party technical service providers, postal couriers, hosting providers, IT companies, communication agencies) may have access to the Data, also appointed, if necessary, as Data Processors by the Data Controller. The updated list of Processors can always be requested from the Data Controller.

Legal basis for processing

The Data Controller processes Personal Data relating to the User if one of the following conditions exists:

  • the User has given consent for one or more specific purposes; Note: in some jurisdictions, the Data Controller may be authorized to process Personal Data without the User's consent or another of the legal bases specified below, until the User objects (“opt-out”) to such processing. However, this does not apply if the processing of Personal Data is governed by European legislation on the protection of Personal Data;

  • the processing is necessary for the performance of a contract with the User and/or for the implementation of pre-contractual measures;

  • processing is necessary for compliance with a legal obligation to which the Controller is subject;

  • processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Controller;

  • the processing is necessary for the pursuit of the legitimate interests of the Data Controller or of third parties.

The specific legal bases are indicated further on in the section “Type of data and legal basis.”

However, it is always possible to ask the Data Controller to clarify the specific legal basis for each processing operation and, in particular, to specify whether the processing is based on the law, provided for in a contract, or necessary for the conclusion of a contract.

Place of processing

The data collected is processed at the Data Controller's headquarters and by formally authorized external data processors. In this context, the hosting and back-end infrastructure service has the function of hosting data and files that enable this Website to function, allow its distribution, and provide a ready-to-use infrastructure to deliver specific features of this Website. Some of these services operate through servers located in different geographical locations, making it difficult to determine the exact location where Personal Data is stored, as well as for security reasons against external attacks. Hosting Service: ArubaCloud (Aruba S.p.A.). Aruba Cloud is a hosting service provided by Aruba S.p.A.

Personal Data collected: various types of Data as specified in the privacy policy of the service.

Place of processing: Italy – Privacy Policy.

It is also possible to access social networks or external platforms directly from the pages of this website thanks to interaction services. Interactions and information acquired from this website are in any case subject to the user's privacy settings for each social network. This type of service may still collect traffic data for the pages where the service is installed, even when Users do not use it.

It is recommended that you log out of the respective services to ensure that the data processed on this Website is not linked back to your profile.

Retention period

The data is processed and stored for the time required for the purposes for which it was collected. In particular:

  • Personal data collected for purposes related to the performance of a contract between the Data Controller and the data subject will be retained until the performance of that contract is completed;

  • Personal data collected to comply with a legal obligation will be retained for the time required by the specific applicable legislation;

  • Personal data collected for purposes related to the legitimate interest of the Data Controller will be retained until such interest is satisfied;

  • For personal data processed following the expression of consent by the user, the Data Controller may retain the personal data until such consent is revoked by the data subject.

The retention period may differ from that indicated above in the event of compliance with a legal obligation or by order of an authority. It is understood that at the end of the retention period, the data will be deleted. Therefore, upon expiry of this period, the right of access, deletion, rectification, and the right to data portability can no longer be exercised.

PURPOSE OF THE PROCESSING OF COLLECTED DATA

The data is collected and used to enable navigation of the Website, for statistical purposes, interaction with social networks, and external platforms. In addition, personal data provided by users, both through the Website and outside of this context, as specified below.

Data processing is carried out using automated tools (e.g., using electronic procedures and media) for the time strictly necessary to achieve the purposes for which it was collected and, in any case, in accordance with current regulations. Specific security measures are observed to prevent loss, illicit and/or incorrect use, and/or unauthorized access.

In addition to the Data Controller, internal subjects formally authorized by the Data Controller, or external subjects (such as third-party technical service providers, hosting providers, IT companies, consulting firms, communication agencies, etc.) formally identified as Data Processors by the Data Controller may have access to personal data. The updated list of Data Processors can always be requested by the data subject from the Data Controller in the exercise of their rights, as indicated in the section “rights of data subjects.”

TYPE OF DATA PROCESSED AND LEGAL BASIS

Browsing data: During normal operation, the IT systems and software procedures used to operate this website acquire some personal data whose transmission is implicit in the use of Internet communication protocols.

This information is not collected to be associated with identified data subjects, but by its very nature could, through processing and association with data held by third parties, allow users to be identified.

The legal basis for the processing of such data is the consent provided when the user consults the site.

For details, see the cookies section.

Data provided voluntarily by the user:

Web forms and/or email address: the optional, explicit, and voluntary sending of data through web forms and/or the use of email addresses indicated on this site entails the subsequent acquisition of the sender's address and any other personal data included in the message, for the purpose of responding to requests and fulfilling orders placed by the user. The legal basis is the consent provided at the time of sending.

Newsletter subscription/Sending commercial communications:

Data collected: first name, last name, email address.

Purpose and methods of processing: The processing of your data is based on the consent provided by ticking the box “I give my consent” for the purpose of processing the request to receive NEWSLETTERS and/or advertising and/or commercial communications by email or telephone. The provision of data is not mandatory, but failure to tick the box “I give my consent” will make it impossible to pursue the stated purposes.

The legal basis for the processing of such data is therefore the consent explicitly provided. The user's right to formally request, at any time, the deletion from the database acquired by the Data Controller following the consent received, at the addresses indicated by the Data Controller, is guaranteed.

Joining the Facebook group:

Data acquired: name indicated by the Facebook account

Purpose and methods of processing: Your data will be processed after you have explicitly requested to join the closed Facebook group and only after acceptance by the group itself.

The purpose of the group is to share recipes and comments on Longino & Cardenal products, and the data collected remains on the platform itself.

The legal basis for the processing of such data is therefore the consent explicitly provided through the registration request. The user's right to request unsubscription at any time by means of a formal request to the Data Controller is guaranteed, resulting in the deletion of the data acquired by the Data Controller following registration from the database.

Furthermore, the Data Controller may legitimately collect Personal Data relating to the User without their involvement, drawing on sources provided by third parties, in accordance with the legal bases described. If the Data Controller has collected Personal Data in this way, the User may request specific information from the Data Controller regarding the sources and, in any case, the Data Controller will indicate this in the information notice that, for various reasons and where due, will be issued to the data subject for the specific case. It is always possible to ask the Data Controller to clarify the specific legal basis for each processing operation.

OPTIONAL NATURE OF DATA SUBMISSION

Apart from what has been specified for navigation data and for data for which it is mandatory under the law, the user is free to provide personal data to request the services offered by the Data Controller. Failure to provide such data will make it impossible to obtain the requested service/complete the order. Provision is always optional in cases where consent is required for additional purposes.

DETAILS ON THE PROCESSING OF PERSONAL DATA

Personal Data is collected for the following purposes and using the following services:

CONTACT THE USER

Contact form for placing orders

By filling in the contact form with their data, the User consents to its use to respond to requests for information, quotes, or any other nature indicated in the form header. If specific consent is given by checking the required box, the Company will be allowed to send newsletters, advertising, and commercial information by email or telephone. If consent is not given for the sending of the above communications, it is still possible to complete the form to finalize the order.

Purpose and Methods of Processing

The processing of your data is based on the consent provided by ticking the box “I give my consent” for the purpose of processing the request to receive NEWSLETTERS and/or advertising and/or commercial communications by email or telephone. The provision of data is not mandatory, but failure to tick the box “I give my consent” will make it impossible to pursue the stated purposes.

The legal basis for the processing of such data is therefore the consent explicitly provided. The user's right to formally request, at the addresses indicated by the Data Controller, the deletion from the database acquired by the Data Controller following the consent received is guaranteed at all times.

Personal Data collected: ZIP code, city, Tax ID/VAT number, last name, date of birth, email, User ID, address, country, first name, phone number, province, company name, sector of activity only if VAT number, website.


PAYMENT MANAGEMENT

Payment management services allow this Website to process payments via credit card, bank transfer, or other means. The data used for payment is acquired directly by the payment service provider without being processed in any way by this Website. Some of these services may also allow scheduled messages to be sent to the User, such as emails containing invoices or payment notifications.

PayPal (Paypal) ,

PayPal is a payment service provided by PayPal Inc., which allows the User to make online payments.

Personal Data collected: various types of Data as specified in the privacy policy of the service.

Place of processing: See PayPal's privacy policy – Privacy Policy.

LINKS TO OTHER WEBSITES AND BANNERS

This Privacy Policy refers exclusively to this Website. The Website contains links to third-party websites, over which the Data Controller has no control. The Data Controller shall therefore not be liable in any way for the processing of personal data that users may provide while browsing such websites. The Website may also contain advertisements or commercial information relating to third parties (companies or individuals). The Data Controller has no control over such banners and the processing of personal data that may be carried out by third-party advertisers.

INTERACTION WITH DATA COLLECTION PLATFORMS AND OTHER THIRD PARTIES

This type of service allows Users to interact with data collection platforms or other services directly from the pages of this Website in order to save and reuse data. If one of these services is installed, it may collect Usage Data relating to the pages on which it is installed, even if Users do not use the service.

INTERACTION WITH SOCIAL NETWORKS AND EXTERNAL PLATFORMS

This type of service allows interaction with social networks or other external platforms directly from the pages of this Website. The interactions and information acquired by this Website are in any case subject to the User's privacy settings for each social network. If a service for interacting with social networks is installed, it may collect traffic data relating to the pages on which it is installed, even if Users do not use the service.

Like button and social widgets from Facebook (Facebook, Inc.)

The “Like” button and Facebook social widgets are services provided by Facebook, Inc. that allow interaction with the Facebook social network. We include a Facebook widget to show you information and “likes” on our Facebook page. This widget may collect information such as your IP address, the type of device you are using, save cookies in your browser, include additional tracking information, and monitor interactions with the widget itself. For more information, visit Facebook's privacy policy at this address: https://www.facebook.com/about/privacy/update

Personal Data collected: Cookies and Usage Data.

Place of processing: United States – Privacy Policy. Privacy Shield compliant. 

Twitter Tweet button and social widgets (Twitter, Inc.)

The Twitter Tweet button and social widgets are services for interaction with the Twitter social network, provided by Twitter, Inc.

Personal Data collected: Cookies and Usage Data.

Place of processing: United States – Privacy Policy. Participant in the Privacy Shield framework.

Google+ +1 button and social widgets (Google Inc.)

The Google+ +1 button and social widgets are services for interaction with the Google+ social network, provided by Google Inc.

Personal Data collected: Cookies and Usage Data.

Place of processing: United States – Privacy Policy. Participant in the Privacy Shield framework.

LinkedIn button and social widgets (LinkedIn Corporation)

The LinkedIn button and social widgets are services for interaction with the LinkedIn social network, provided by LinkedIn Corporation.

Personal Data collected: Cookies and Usage Data.

Place of processing: United States – Privacy Policy.

YouTube button and social widgets (Google Inc.)

The YouTube button and social widgets are services for interaction with the YouTube social network, provided by Google Inc.

Personal Data collected: Usage Data.

Place of processing: United States – Privacy Policy. Participant in the Privacy Shield framework.

Pinterest button and social widgets (Pinterest Inc.)

The Pinterest button and social widgets are services for interaction with the Pinterest social network, provided by Pinterest Inc.

Personal Data collected: Usage Data.

Place of processing: United States – Privacy Policy. Participant in the Privacy Shield framework.

 

LOCATION-BASED INTERACTIONS

SPAM PROTECTION

This type of service analyzes the traffic of this Website, which may potentially contain Users’ Personal Data, in order to filter it from parts of traffic, messages and content recognized as SPAM.

Google reCAPTCHA (Google Inc.)

Google reCAPTCHA is a SPAM protection service provided by Google Inc.
The use of the reCAPTCHA system is subject to Google’s privacy policy and terms of service.

Personal Data collected: Cookies and Usage Data.

Place of processing: United States – Privacy Policy. Participant in the Privacy Shield framework.


ADVERTISING

This type of service allows the User’s Data to be used for commercial communication purposes in various forms of advertising, such as banner ads, including in relation to the User’s interests.
This does not mean that all Personal Data are used for this purpose. Data and conditions of use are indicated below. Some of the services listed below may use Cookies to identify the User or use behavioral retargeting techniques, that is, displaying personalized advertisements based on the User’s interests and behavior, also detected outside this Website. For more information, we suggest that you check the privacy policies of the respective services.
In addition to the opt-out options offered by the services listed below, the User may opt out of receiving cookies relating to a third-party service by visiting the Network Advertising Initiative opt-out page.

Direct Email Marketing (DEM)

This Website uses the User’s Data to send commercial offers relating to services and products provided by third parties or not related to the product or service supplied by this Website.

Personal Data collected: email address.

Facebook Audience Network (Facebook, Inc.)

Facebook Audience Network is an advertising service provided by Facebook, Inc. For an understanding of Facebook’s use of data, please consult Facebook’s data policy.

In order to enable the functioning of Facebook Audience Network, this Website may use certain mobile device identifiers (including Android Advertising ID or Advertising Identifier for OS) or technologies similar to cookies. Among the ways in which Audience Network displays advertising messages to the User is the use of the User’s advertising preferences. The User can control the sharing of their advertising preferences within the Facebook Ad settings.

The User can opt out of certain Audience Network targeting features through their device settings. For example, they can modify the advertising settings available on their mobile device, or follow the instructions applicable to Audience Network that may be provided within this privacy policy.

Personal Data collected: Cookies, Usage Data and unique device identifiers for advertising purposes (for example, Google Advertiser ID or IDFA).

Place of processing: United States – Privacy Policy – Opt Out. Participant in the Privacy Shield framework.

DoubleClick for Publishers (Google Inc.)

DoubleClick for Publishers is an advertising service provided by Google Inc. through which the Data Controller can run advertising campaigns jointly with external advertising networks with which the Controller, unless otherwise specified in this document, has no direct relationship. Users who do not wish to be tracked by the different advertising networks may use Youronlinechoices. For an understanding of how Google uses data, please consult Google’s partner policies.
This service uses the “Doubleclick” Cookie, which tracks the use of @{replacement missing: it.privacy_policy_page.interpolation.this_applicationp} and the User’s behavior in relation to advertisements, products and services offered.
The User may decide at any time not to use the Doubleclick Cookie by disabling it: www.google.com/settings/ads/onweb/optout?hl=it.

Personal Data collected: Cookies and Usage Data.

Place of processing: United States – Privacy Policy.


BACKUP SAVING AND MANAGEMENT

This type of service allows the saving and management of backups of this Website on external servers managed by the service provider itself. These backups may include both the source code and its contents, as well as the data provided to this Website by the User.

Backup on Dropbox (Dropbox, Inc.)

Dropbox is a backup saving and management service provided by Dropbox Inc.

Personal Data collected: various types of Data as specified in the privacy policy of the service.

Place of processing: United States – Privacy Policy. Participant in the Privacy Shield framework.


 

REMARKETING AND BEHAVIORAL TARGETING

This type of service allows this Website and its partners to communicate, optimize and serve advertisements based on the User’s past use of this Website. This activity is carried out through the tracking of Usage Data and the use of Cookies, information that is transferred to the partners to whom the remarketing and behavioral targeting activity is linked. In addition to the opt-out options offered by the services listed below, the User may opt out of receiving cookies related to a third-party service by visiting the Network Advertising Initiative opt-out page.

AdWords Remarketing (Google Inc.)

AdWords Remarketing is a remarketing and behavioral targeting service provided by Google Inc. that links the activity of this Website with the Adwords advertising network and the Doubleclick Cookie.

Personal Data collected: Cookies and Usage Data.

Place of processing: United States – Privacy Policy – Opt Out.

Facebook Remarketing (Facebook, Inc.)

Facebook Remarketing is a remarketing and behavioral targeting service provided by Facebook, Inc. that links the activity of this Website with the Facebook advertising network.

Personal Data collected: Cookies and Usage Data.

Place of processing: United States – Privacy Policy – Opt Out. Participant in the Privacy Shield framework.

Facebook Custom Audience (Facebook, Inc.)

Facebook Custom Audience is a remarketing and behavioral targeting service provided by Facebook, Inc. that links the activity of this Website with the Facebook advertising network.

Personal Data collected: Cookies and email address.

Place of processing: United States – Privacy Policy – Opt Out. Participant in the Privacy Shield framework.

Remarketing with Google Analytics for display advertising (Google Inc.)

Google Analytics for display advertising is a remarketing and behavioral targeting service provided by Google Inc. that links the tracking activity carried out by Google Analytics and its Cookies with the Adwords advertising network and the Doubleclick Cookie.

Personal Data collected: Cookies and Usage Data.

Place of processing: United States – Privacy Policy – Opt Out. Participant in the Privacy Shield framework.

DoubleClick for Publishers Audience Extension (Google Inc.)

DoubleClick for Publishers Audience Extension is a remarketing and behavioral targeting service provided by Google Inc. that tracks visitors to this Website and allows selected advertising partners to show them personalized ads across the web.

Personal Data collected: Cookies and Usage Data.

Place of processing: United States – Privacy Policy – Opt Out.


 

TRANSFER OF DATA OUTSIDE THE EU

The Data Controller may transfer Personal Data collected within the EU to third countries (that is, all countries that are not part of the EU) only in accordance with a specific legal basis. Therefore, such Data transfers are carried out according to one of the legal bases described below.

The User may request information from the Data Controller regarding the specific legal basis actually applicable to each individual service.

Transfer to third countries based on consent

When this is the legal basis, the transfer of Personal Data from the EU to third countries takes place only when the User has expressly consented to such transfer after being informed of the risks arising from the absence of an adequacy decision and of the appropriate safeguards adopted.

In such cases, the Data Controller informs Users and collects their consent through this Website.

Personal Data collected: various types of Data.

 

STATISTICS

The services contained in this section allow the Data Controller to monitor and analyze traffic data and are used to keep track of User behavior.

Google Analytics (Google Inc.)

Google Analytics is a web analysis service provided by Google Inc. (“Google”). Google uses the Personal Data collected to track and examine the use of this Website, to compile reports and to share them with other services developed by Google.
Google may use the Personal Data to contextualize and personalize the ads of its advertising network.

Personal Data collected: Cookies and Usage Data.

Place of processing: United States – Privacy Policy – Opt Out. Participant in the Privacy Shield framework.

Google AdWords conversion tracking (Google Inc.)

Google AdWords conversion tracking is a statistics service provided by Google Inc. that connects data from the Google AdWords advertising network with actions performed within this Website.

Personal Data collected: Cookies and Usage Data.

Place of processing: United States – Privacy Policy. Participant in the Privacy Shield framework.

Facebook Ads conversion tracking (Facebook, Inc.)

Facebook Ads conversion tracking is a statistics service provided by Facebook, Inc. that connects data from the Facebook advertising network with actions performed within this Website.

Personal Data collected: Cookies and Usage Data.

Place of processing: United States – Privacy Policy. Participant in the Privacy Shield framework.

Facebook Analytics for Apps (Facebook, Inc.)

Facebook Analytics for Apps is a statistics service provided by Facebook, Inc.

Personal Data collected: Usage Data and various types of Data as specified in the privacy policy of the service.

Place of processing: United States – Privacy Policy. Participant in the Privacy Shield framework.


 

DISPLAYING CONTENT FROM EXTERNAL PLATFORMS

This type of service allows content hosted on external platforms to be displayed directly from the pages of this Website and to interact with such content.
If a service of this kind is installed, it is possible that, even if Users do not use the service, it may collect traffic data relating to the pages on which it is installed.

YouTube Video Widget (Google Inc.)

YouTube is a video content display service managed by Google Inc. that allows this Website to integrate such content within its pages.

Personal Data collected: Cookies and Usage Data.

Place of processing: United States – Privacy Policy. Participant in the Privacy Shield framework.

Google Maps Widget (Google Inc.)

Google Maps is a map display service managed by Google Inc. that allows this Website to integrate such content within its pages.

Personal Data collected: Cookies and Usage Data.

Place of processing: United States – Privacy Policy. Participant in the Privacy Shield framework.

Google Fonts (Google Inc.)

Google Fonts is a font style display service managed by Google Inc. that allows this Website to integrate such content within its pages.

Personal Data collected: Usage Data and various types of Data as specified in the privacy policy of the service.

Place of processing: United States – Privacy Policy. Participant in the Privacy Shield framework.

Gravatar (Automattic Inc.)

Gravatar is an image display service managed by Automattic Inc. that allows this Website to integrate such content within its pages. Please note that if Gravatar images are used for comment systems, the commenter’s email address (or parts of it) may be sent to Gravatar, even if they are not subscribed to this service.

Personal Data collected: Usage Data and email address.

Place of processing: United States – Privacy Policy.


 

FURTHER INFORMATION ABOUT PERSONAL DATA

Personal Data collected from sources other than the User

The Data Controller of this Website may have legitimately collected Personal Data relating to the User without their involvement, drawing on sources provided by third parties, in accordance with the legal bases described in the section on the legal bases of the processing.
Where the Controller has collected Personal Data in this way, the User may find specific information about the sources in the relevant sections of this document or by contacting the Controller.

 

SALE OF GOODS AND SERVICES ONLINE

The Personal Data collected are used for the provision of services to the User or for the sale of products, including payment and any related delivery. The Personal Data collected to complete payment may include those relating to the credit card, the bank account used for the transfer, or other provided means of payment. The payment Data collected by this Website depends on the payment system used.

DATA SUBJECTS' RIGHTS (ARTS. 15–22 OF EUROPEAN REGULATION (EU) 2016/679)

The persons to whom the Personal Data refer have the right, at any time, to obtain confirmation as to whether or not such data exist and to know their content and origin, to verify their accuracy or request that they be completed or updated, or otherwise corrected. They also retain the right to lodge a complaint with the supervisory authority.
To exercise their rights and to obtain further information regarding the processing of Personal Data, the User may contact the Controller using the contact details indicated in this document. Requests are made free of charge and are handled by the Controller as soon as possible and, in any case, within one month.

In particular, the User has the right to:

  • withdraw consent at any time. The User may withdraw consent to the processing of their Personal Data previously given.

  • object to the processing of their Data. The User may object to the processing of their Data when it is carried out on a legal basis other than consent. Further details on the right to object are provided in the section below.

  • access their Data. The User has the right to obtain information about the Data processed by the Controller, on certain aspects of the processing, and to receive a copy of the Data processed.

  • verify and request rectification. The User may verify the accuracy of their Data and request that it be updated or corrected.

  • obtain restriction of processing. When certain conditions are met, the User may request the restriction of the processing of their Data. In this case, the Controller will not process the Data for any purpose other than their storage.

  • obtain the erasure or removal of their Personal Data. When certain conditions are met, the User may request the erasure of their Data by the Controller.

  • receive their Data or have them transferred to another controller. The User has the right to receive their Data in a structured, commonly used and machine-readable format and, where technically feasible, to have them transmitted without hindrance to another controller. This provision applies when the Data are processed by automated means and the processing is based on the User's consent, on a contract to which the User is party or on contractual measures related thereto.

  • lodge a complaint. The User may lodge a complaint with the competent data protection supervisory authority or bring an action before the courts.

  

 Details on the right to object

When Personal Data are processed in the public interest, in the exercise of official authority vested in the Controller, or for the purposes of the legitimate interests pursued by the Controller, Users have the right to object to such processing on grounds relating to their particular situation.

Users are reminded that, where their Data are processed for direct marketing purposes, they may object to such processing at any time without providing any justification. To find out whether the Controller processes Data for direct marketing purposes, Users may refer to the relevant sections of this document.

How to exercise rights

To exercise their rights, Users may send a request to the Controller using the contact details indicated in this document. Requests are made free of charge and will be handled by the Controller as soon as possible and, in any case, within one month.

 

COOKIE POLICY

This Website uses Cookies. To learn more and to view the detailed information notice, the User may consult the Cookie Policy.

 

FURTHER INFORMATION ABOUT PROCESSING

Legal defense

The User’s Personal Data may be used by the Controller in legal proceedings or in the preparatory stages leading to possible legal action arising from improper use of this Website or the related Services by the User. The User declares to be aware that the Controller may be required to disclose Personal Data upon request of public authorities.

Specific information notices

Upon the User’s request, in addition to the information contained in this privacy policy, this Website may provide the User with additional and contextual information regarding specific Services, or the collection and processing of Personal Data.

System logs and maintenance

For operation and maintenance purposes, this Website and any third-party services it uses may collect system logs, i.e. files that record interactions and may also contain Personal Data, such as the User’s IP address.

Information not contained in this policy

Further information regarding the processing of Personal Data may be requested from the Data Controller at any time using the contact details indicated.

Response to “Do Not Track” requests

This Website does not support “Do Not Track” requests. To determine whether any of the third-party services it uses support “Do Not Track” requests, the User is invited to consult their respective privacy policies.

Changes to this privacy policy

The Data Controller reserves the right to make changes to this privacy policy at any time by informing Users on this page and, where technically and legally feasible, by sending a notification to Users via one of the contact details available to the Controller. Users are therefore kindly requested to check this page regularly, referring to the date of the last modification indicated at the bottom. Where the changes affect processing activities whose legal basis is consent, the Controller shall collect the User’s consent again, where required.


 

TYPES OF DATA COLLECTED

The online chat platform entails the collection of personal data, voluntarily provided by the user through the text fields in the registration form (first name, last name, postal code of residence, telephone number, email address, etc.) and details relating to the device used (web browser, etc.).

Purpose of processing

The information collected is necessary for the operation of the chat platform and to allow operators to provide personalized support, respond to users’ requests and monitor and improve the quality of the service. Longino&cardenal S.p.A. (www.shoplongino.it) does not use the information obtained through the chat platform for marketing purposes. When the operators of Longino&cardenal S.p.A. (www.shoplongino.it) invite the user to use the chat, Cookies are set on the user’s device in order to track the date, start and end time and duration, as well as the value of the products in the shopping cart. The request to open a chat constitutes the expression of consent given by a free and unconditional positive and unequivocal action of the user, who may revoke such consent at any time simply by closing the chat. These are session Cookies which, therefore, are removed from the device when the browser is closed; otherwise, it is possible to reconfigure the browser to refuse Cookies or to request the user’s consent.

The processing of personal data will be carried out lawfully and fairly and, in any case, in accordance with Regulation (EU) 2016/679, using tools suitable to guarantee their security and confidentiality and may also be carried out by means of IT tools designed to store, manage and transmit such data.

Legal basis for processing

The legal basis for the processing is as follows: the data subject has given consent to the processing of their personal data for one or more specific purposes.

More specifically, in light of Articles 6 and 7 of GDPR 679/16, the decision to activate the chat constitutes a free expression of consent by an unambiguous positive action to the processing of personal data such as browsing Cookies, previous purchases, the current shopping cart and the pages visited.

Recipients of the data

The personal data processed by the Controller are not disseminated, that is, they are not made known to unspecified parties in any possible form, including by making them available or by simple consultation. They may, however, be communicated to employees working under the authority of the Controller and to external parties collaborating with the Controller, designated as Data Processors or authorized to process the data as persons acting under the authority of the data controller. It is possible that the information obtained through the chat platform will be used for audit purposes, as well as to improve the quality of the chat platform and to provide hosting for the chat tool.


 

DEFINITIONS AND LEGAL REFERENCES

PERSONAL DATA (OR DATA)

Personal Data constitute any information that, directly or indirectly, also in connection with any other information, including a personal identification number, makes a natural person identified or identifiable.

 

USAGE DATA

This is information collected automatically through this Website (also by third-party applications integrated into this Website), including: the IP addresses or domain names of the computers used by the User who connects with this Website, the URI (Uniform Resource Identifier) addresses, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the server’s response (successful outcome, error, etc.), the country of origin, the characteristics of the browser and operating system used by the visitor, the various time details of the visit (for example, the time spent on each page) and the details relating to the path followed within the Application, with particular reference to the sequence of pages consulted, and the parameters relating to the User’s operating system and IT environment.

USER

The individual who uses this Website who, unless otherwise specified, coincides with the Data Subject.

DATA SUBJECT

The natural person to whom the Personal Data refer.

DATA PROCESSOR (OR PROCESSOR)

The natural or legal person, public authority, agency or other body which processes Personal Data on behalf of the Controller, as described in this privacy policy.

DATA CONTROLLER (OR CONTROLLER)

The natural or legal person, public authority, service or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Data and the tools adopted, including the security measures concerning the operation and use of this Website. The Data Controller, unless otherwise specified, is the owner of this Website.

THIS WEBSITE

The hardware or software tool by which the Users’ Personal Data are collected and processed.

SERVICE

The service provided by this Website as described in the relevant terms and conditions (if available) on this site/application.

EUROPEAN UNION (OR EU)

Unless otherwise specified, any reference in this document to the European Union is intended to include all current member states of the European Union and the European Economic Area.

COOKIE

A small piece of data stored within the User’s device.

LEGAL REFERENCES

This privacy notice is drafted on the basis of multiple legislative provisions, including Articles 13 and 14 of Regulation (EU) 2016/679.

Unless otherwise specified, this privacy notice concerns exclusively this Website.